Overview

• Google's Threat Intelligence Group has issued an alert that Scattered Spider, a decentralized hacking collective, is now targeting US retailers after high-profile attacks in the UK.
• Marks & Spencer confirmed that customer data, including names, addresses, and order histories, was accessed during an April attack, though payment details and passwords were not compromised.
• The group employs advanced social engineering tactics, such as phishing, SIM swapping, and multi-factor authentication fatigue, to breach networks and launch ransomware operations.
• Industry organizations like the Retail & Hospitality ISAC are collaborating with Google to brief US retailers on the escalating threat and recommend defensive measures.
• Law enforcement faces challenges in combating Scattered Spider due to the group's loose structure, young membership, and victims' reluctance to cooperate.